As a server (my blog not as workstation (my blog)
The improvements first.
Postfix with postmulti
I had this ‘forced’ on me by systemd (my blog) not running the simple one instance that supposedly everybody else does and is ok with. While i am still a bit newbish with the postfix command replacement it feels a better solution especially with logging which my older extra instances did not offer – as to what instance was doing.
There is no real config change but seems a more modern config despite that not changing and already having scripts that ise multiple postfix configs.
Postfix is a lot less tolerant of clients such as
connect from unknown[18.104.22.168]
Who don’t do much but like to test things and despite our config from before denying such activity [ddos,spammers,clueless,bot nets] it feels as if they are discarded more quickly
Tls probers (waste of time clients) have sslv3 requests redirected to something more modern tls. Milters where odd to debug. See the mailgraph heading below for a downside.
My manual method of signing zones still works – the daemon software in jessie i could not figure out – mostly because most people never used it or compiled a better version and never used the debian package being out of date. It is something i might look at in the future
Signing zones currently takes a minute and is something i spend twelve minutes a year doing.
Not sure of and probably blame me department
I am on the fence on this upgrade and feel the config still needs looking at despite working it seems a little no there et after i did seem to lose a lot of config commands to get it to work along with those bloody sockets i had to delete..
Hard to fix and runtime issues with solutions.
Appears to work but now does not log – kind of/maybe situation – apache says it wrote 403 errors, but the confirmation from before means i take one softwares fact as a unknown.
Hairy eyeball those emails from root to to get these – you did read them right ?.
Is not updating its png images, html updates with the date and time – think this is not a systemd thing once again not /etc/default or init.d issue.- not an urgent issue and might be something due to postmulti since spam is logged in the chart and the mail.log has stuff in it.
Well it recorded the one spam
Which is not an accurate representation of activity – files do update but no postfix activity in charts. Not working.i guess due to incompatible parsing of:
postfix-instancex/smtpd[*]: disconnect from unknown[22.214.171.124]
helo=1 auth=0/1 quit=1 commands=2/3
My theory anyhow
I had to adjust the cron job to get the more detailed report once again for stretch to reflect as jessie. not hard.
Has had a redesign – we only used for port 25 scanning with amavis and now does not work with the old config. With postfix improvements i might let this fall in to non use.
X Logout leaves running processes
Don’t ask me why but it does cache cleaner, and hplip and systemd seem unhappy with something.
Need –pkgmgr DPKG in cron.daily as extra parameters
Or i get mail errors
Can now be ‘easily’ installed without’breaking’ debian.so i might be adding to the virus scanner which gets little cause for use with our mail config refusing bad content before it gets to a scanner.
reporting (my blog) command appears to now send reports from more than just the first reporting host who got on with it and did not complain. I guess the atps and other dns lines might be deemed redundant.
The package maanager does ttry o do more than it should trying to restart things – an easy example yesterday apt upgraded apache2 documents and tried to add the module and failed when the conf file it tried to read did not exist where debian assumed it was.
So i had to restart apache.manually.
Overall not a disaster. Something i might think as a good idea at some point but then again it as a server does a lot of jobs.I guess upgrading one server with one task would be less stressful.